Catalin Cimpanu reports: Dutch IT security expert Sijmen Ruwhof has found a pretty big blunder on the part of Danske Bank, Denmark’s biggest bank, which exposed sensitive user session information in the form of an encoded data dump, in their banking portal’s JavaScript files. Mr. Ruwhof started to research Danish banking policies out of curiosity,…
Category: Commentaries and Analyses
FTSE heads for weekly rise but Experian drops on US data breach
It’s always interesting to see if a company’s stock prices take any hit from a breach. Nick Fletcher reports on The Guardian: Leading shares are moving higher ahead of the US jobs data, with banks boosted by news of a deadline being set for consumers to claim for mis-sold payment protection insurance. But Experian has dropped more…
The complaint to FTC about Experian that accomplished… what?
Today, Experian disclosed another data breach. This one affected 15 million customers of T-Mobile USA, for whom Experian hosts consumer data used for credit checks for new accounts. In tweeting my frustration about this latest incident, @emptywheel suggested I post the complaint I filed with the FTC about Experian in 2012. After some thought, I’ve decided…
Reports slam OCR’s poor oversight of HIPAA covered entities, breach followup efforts
If you follow HHS’s public breach tool and investigations closely, two reports from the Office of the Inspector General (OIG) finding lax oversight and insufficient follow-up will come as no surprise. Susan Hall of FierceHealthIT has a good recap: The former report was based on reviews of a statistical sample of privacy cases investigated by OCR between September…
State auditor to examine cybersecurity in Missouri schools
Excellent. NewsOK reports: State Auditor Nicole Galloway on Wednesday announced the launch of a cybersecurity audit initiative in Missouri schools. The initiative will focus on identifying practices that improve the security of information that schools have on students and their families. Read more on NewsOK.
ATM Skimmer Gang Firebombed Antivirus Firm
Brian Krebs reports: It’s notable whenever cybercime spills over into real-world, physical attacks. This is the story of a Russian security firm whose operations were pelted with Molotov cocktail attacks after exposing an organized crime gang that developed and sold malicious software to steal cash from ATMs. Read more on KrebsOnSecurity.com.